Visible to the public Forecasting severity of software vulnerability using grey model GM(1,1)

TitleForecasting severity of software vulnerability using grey model GM(1,1)
Publication TypeConference Paper
Year of Publication2015
AuthorsGeng, J., Ye, D., Luo, P.
Conference Name2015 IEEE Advanced Information Technology, Electronic and Automation Control Conference (IAEAC)
Date Publisheddec
KeywordsData models, Forecasting, forecasting theory, GM(1, grey model, grey system theory, grey systems, grey theory, Mathematical model, Measurement, prediction, Predictive models, pubcrawl170107, security, security of data, severity, Software, software reliability, software risk level, software security, software security level, software vulnerability forecasting severity, Vulnerability

Vulnerabilities usually represents the risk level of software, and it is of high value to forecast vulnerabilities so as to evaluate the security level of software. Current researches mainly focus on predicting the number of vulnerabilities or the occurrence time of vulnerabilities, however, to our best knowledge, there are no other researches focusing on the prediction of vulnerabilities' severity, which we think is an important aspect reflecting vulnerabilities and software security. To compensate for this deficiency, we borrows the grey model GM(1,1) from grey system theory to forecast the severity of vulnerabilities. The experiment is carried on the real data collected from CVE and proves the feasibility of our predicting method.

Citation Keygeng_forecasting_2015